This repository has been archived by the owner on Feb 26, 2021. It is now read-only.
Security Bug in merge-recurrsive #62
Labels
Comments
|
This is not a big deal since it only affects the options argument passed to the server, which is only controllable by someone launching the server (therefore control of that indicates control of the shell, too) |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Github analyzed my package-lock.json and found a vulnerability for a dependency of this project:
https://github.com/OpenSourceDemocracy/orbit-fs/network/alert/package-lock.json/merge-recursive/open
Not sure how much this library depends on this package and thought I'd pass along the info.
The text was updated successfully, but these errors were encountered: